Tunnel (Routing ?) problem
-
Hello,
I've made the setup of site/site OpenVpn between 2 pfsense.
First setup:
Lan Range 10.10.10.0/23
IP range Tunnel: 10.10.30.0/24Second Setup:
IP range 192.168.2.0/24The tunnel is up without problem
From SSH console from both pfsense i can ping machines in their respective ip range (ex: from second pfsense i can ping 10.10.10.45)
But from Ping test (webgui) or an computer in a Lan network i can reach other side, the tracert stop in the pfsense
I try to add an "ANY" rule on Lan on both pfsense, no effect…
Any idea to help me ?
Patrick,
-
Let's start with basic help..
What rules you have on Lan's and tunnel interfaces?
Capture traffic while you try to connect(ping) to another machine.I think, that it's more likely routing problem, that if your machine try to connect another end of tunnel trafic is sent out to wan without that tunnel..
So rule on lan would be that any trafic from this lan to another lan is sent via tunnel
and rule on tunnel is allow anything -
Hello,
Rules are ok for me, i've also to create a temporary "Any" but no effect.
In summary
A computer 10.10.10.45 connected to firewall 10.10.10.1 can ping firewall, OpenVPN Interface 10.10.30.1
On other side a computer 192.168.2.8 can ping firewall 192.168.2.1
With a ssh shell session on 10.10.10.1 i can ping 192.168.2.1 and .8
Same on 192.168.2.1 i can ping 10.10.10.1 and .45
But not possible from pfsense gui / diag / ping, i try lan, wan… timeout, same from computers....
... :'(